<?php
	header('content-type:text/html;charset=utf-8');
	date_default_timezone_set("Asia/Chongqing");
	require('../class/autoload.php');
	session_start();

	/*
		### 验证来路路径是否合法

	*/
	$uri = parse_url(@$_SERVER["HTTP_REFERER"])['path'];
	$uris = array(
	  '/ledger/after/login.html',
	  '/ledger/after/main.html',
	  '/ledger/after/password.html',
	);
	if(!in_array($uri,$uris)){
	 	exit('10004');
	}

        /*
                ### 获取验证码图片
                http://www.yunpan.top/interface/before_interface.php?type=code
        */
        if($_REQUEST['type'] == 'code'){
                require_once "../class/plugin/vcode.class.php";
                Code\VCode::GetCode();
                exit;
        }

        //需要验证验证码的请求
        $vcode_arr = array(
                'changePwd',
        );
        if(in_array($_REQUEST['type'],$vcode_arr)){
                require_once "../class/plugin/vcode.class.php";
                $vcode = I('vcode','p');
                if(!Code\VCode::Check_Code($vcode)){
                        exit('10003');        //验证码不正确
                }
        }


	// //验证用户名
	$account = I('account');
	if(!$account){
		exit('10001');
	}
	$account_arr = array(	//跳过验证用户名与seisson的项
		'login'
	);
	if(!in_array($_REQUEST['type'],$account_arr)){
		if($account != @$_SESSION['ledgerAdminAccount']){
			exit('100011');
		}
	}

	$token_arr = array(		//跳过token验证的项
		'login',
		'exit'
	);
	if(!in_array($_REQUEST['type'],$token_arr)){
		$token1 = I('token1');
		if(!VerifyToken1($account,$token1)){		 	//验证token
			//exit('10002');
		}
	}



	$tokenv_arr = array(		//跳过获取token的项
		'exit',
	);
	if(!in_array($_REQUEST['type'],$tokenv_arr)){
		$tmp_arr = array(
			'token1'=>SetToken1($account)
		);
	}







	switch ($_REQUEST['type']) {

		default :
			echo 'default';
			dump($_FILES);
			dump($_SESSION);
			dump($_REQUEST,1);
			break;




		//重置用户密码
		case '_resetPwd':
			$id = intval(I('id','p'));
			$pdo = MyPdo2::init();
			$sql = "update ledger_user set pwd = ? where id = ?";
			$res = $pdo->dml($sql,array(md5('123'),$id));
			if($res){
				$tmp_arr['stat'] = 'ok';
			}else{
				$tmp_arr['stat'] = 'err2';
			}
			exit(json_encode($tmp_arr));
			break;








		//更改用户状态
		case '_changeStat':
			$id = intval(I('id','p'));
			$pdo = MyPdo2::init();
			$sql = "update ledger_user set stat=if(stat+1>3,1,stat+1) where id = ?";
			$res = $pdo->dml($sql,array($id));
			if($res){
				$tmp_arr['stat'] = 'ok';
			}else{
				$tmp_arr['stat'] = 'err2';
			}
			exit(json_encode($tmp_arr));
			break;





		//获取用户列表
		case '_getUserList':
			$pnow = intval(I('pnow','p'));
			$pnow = $pnow<1?1:$pnow;
			$stype = I('stype','p');

			$searchInp = I('searchInp','p');
			$searchSel = I('searchSel','p');

			$limit = 2;
			$limit_start = ($pnow-1)*$limit;
			$pdo = MyPdo2::init();
			if($stype != 'all'){
				if($searchInp){
					if($searchSel == 'name'){
						$where_str = 'and name like ?';
						$parm_arr = array($stype,"{$searchInp}%");
					}else{
						$where_str = 'and account = ?';
						$parm_arr = array($stype,$searchInp);
					}
					$sql = "select id,account,name,stat from ledger_user where stat = ? {$where_str} limit {$limit_start},{$limit}";
				}else{
					$sql = "select id,account,name,stat from ledger_user where stat = ? limit {$limit_start},{$limit}";
					$parm_arr = array($stype);
				}
			}else{
				if($searchInp){
					if($searchSel == 'name'){
						$where_str = 'where name like ?';
						$parm_arr = array("{$searchInp}%");
					}else{
						$where_str = 'where account = ?';
						$parm_arr = array($searchInp);
					}
					$sql = "select id,account,name,stat from ledger_user {$where_str} limit {$limit_start},{$limit}";
				}else{
					$sql = "select id,account,name,stat from ledger_user limit {$limit_start},{$limit}";
					$parm_arr = array();
				}
			}
			$res = $pdo->dql($sql,$parm_arr);
			if($res){
				$tmp_arr['data'] = $res;
			}else{
				$tmp_arr['data'] = array();
			}
			exit(json_encode($tmp_arr));
			break;





		//登陆
		case 'login':
			$pwd = I('pwd','p');
			$account = I('account','p');
			_checkVal($pwd,$account);//检测变量

			if(!file_exists('adminPwd')){
				file_put_contents('adminPwd', md5('a'));
			}

			if($account == 'admin1' && md5($pwd) == file_get_contents('adminPwd')){
			//if($account == 'a'){
				$_SESSION['ledgerAdminAccount'] = $account;
				$tmp_arr['stat'] = 'ok';	//目录创建成功！
			}else{
				$tmp_arr['stat'] = 'err2';
			}
			exit(json_encode($tmp_arr));
			break;



		//退出 
		case 'exit':
			session_destroy();
			echo 'ok';
			break;




























		//修改密码
		case 'changePwd':
			$p1 = I('p1','p');
			$p2 = I('p2','p');
			_checkVal($p1,$p2);//检测变量

			$pwdFile = 'adminPwd';
			if(file_exists($pwdFile)){
				if(md5($p1) == file_get_contents($pwdFile)){
					$tmp_arr['stat'] = 'ok';	//密码修改成功！
					file_put_contents($pwdFile,md5($p2));
				}else{
					$tmp_arr['stat'] = 'err3';	//原密码不正确！
				}
			}else{
				$tmp_arr['stat'] = 'err2';	//数据异常！
			}
			exit(json_encode($tmp_arr));
			break;





		//获取用户空间使用量
		case '_getUseSize':
			$uaccount = intval(I('uaccount','p'));
			$pdo = MyPdo2::init();
			$sql = "select sum(size) as size from file_list where account = ?";
			$res = $pdo->dql($sql,array($uaccount),1);
			if($res){
				$tmp_arr['ucapacity'] = floatval($res['size']);
			}else{
				$tmp_arr['ucapacity'] = 0;	//操作失败！
			}
			$_SESSION['ucapacity'] = $tmp_arr['ucapacity'];
			exit(json_encode($tmp_arr));
			break;



		//增容，减容
		case '_upCapa':
			$id = intval(I('id','p'));
			$ctype = I('ctype','p');	//有值为降额，无值为提额
			$pdo = MyPdo2::init();
			if($ctype){
				$sql = "update user_list set capacity=if(capacity-1<1,1,capacity-1) where id = ?";
			}else{
				$sql = "update user_list set capacity=if(capacity+1>5,5,capacity+1) where id = ?";
			}
			$res = $pdo->dml($sql,array($id));
			if($res){
				$tmp_arr['stat'] = 'ok';
			}else{
				$tmp_arr['stat'] = 'err2';
			}
			exit(json_encode($tmp_arr));
			break;





		//提额，降额
		case '_upLimit':
			$id = intval(I('id','p'));
			$ltype = I('ltype','p');	//有值为降额，无值为提额
			$pdo = MyPdo2::init();
			if($ltype){
				$sql = "update user_list set ulimit=if(ulimit-100<1,100,ulimit-100) where id = ?";
			}else{
				$sql = "update user_list set ulimit=if(ulimit+100>5000,5000,ulimit+100) where id = ?";
			}
			$res = $pdo->dml($sql,array($id));
			if($res){
				$tmp_arr['stat'] = 'ok';
			}else{
				$tmp_arr['stat'] = 'err2';
			}
			exit(json_encode($tmp_arr));
			break;











		
	}








